HP Networking – discover the power of networking simplicity.
Get a variety of perspectives on HP Networking innovations, products and solutions from some of the leading experts in enterprise business networking. HP Networking has been a leader in SDN since 2007 and provides leading campus, data center and network virtualization solutions.

In my previous post, “5 cloud security risks enterprises need to consider”, an IT security professional commented, asking about “pre-buy security-oriented decisions around mapping authentication/encryption/availability to the various cloud storage models." That question motivated me to go deeper into one of those risk points—cloud encryption. I am drawing on discussions with my colleague John Pirc, security strategist with HP Enterprise Security, and delving into four critical points related to cloud encryption.

First, a little background on data in the cloud

Data residency laws affect cloud computing, and govern how data in the cloud can be accessed. The laws include the U.S. Patriot Act, Australia’s National Privacy Principle and the EU’s data protection directive. It's imperative that you use encryption as one of the methods to address the various regulatory compliance issues and allow unwarranted access to Cloud data. In the discussion below, we tackle the questions enterprise IT administrators need to ask before deciding on a cloud encryption strategy. The assumption of course is that cloud encryption is required, secure algorithms are available and the solution has high durability and availability. In addition, let’s also assume you have narrowed down the data to be encrypted.

1. Where should encryption and key management happen?

There are 4 ways you can apply encryption for cloud storage:

Encryption by cloud provider. Many cloud providers allow optional data encryption when using cloud storage services. This is an easy option, but the issue of the key and the data residing with the same provider is of concern.

Encryption done on premise. When the enterprise model is chosen, a customer premise device encrypts data before it moves to the cloud storage. When using multiple cloud providers, different keys for each provider should be used. Key management occurs on premise and the keys never leave the enterprise boundary. This model works for the more established enterprises, which have an extensive key management framework already.

Encryption self service. In this third model, encrypted data is stored in storage resources in one cloud, using keys residing in another cloud. Data is streamed to the server that provides key management, which encrypts the data. This encrypted data is then stored in the other cloud. This could solve some of the concerns but may not address some of the regulatory issues. There are other twists to this model.

Homomorphic encryption. Another method called homomorphic encryption allows specific operations to be done on encrypted data. This could be a great middle ground for cloud encryption, but finding such a solution that is easily usable could be a key challenge.

2. What should be encrypted and how many different keys are required for encryption?

The next question to think about is what data needs to be encrypted? There are various options ranging from encrypting just the index of the data to make it anonymous, to encrypting the complete data but not the meta-data so that operations can still be performed on the data, all the way to encrypting everything in the cloud.

There is also the question of the number of keys needed for encryption. We could use the same key for all the data or we could use multiple keys for the data residing in the same cloud infrastructure.

The simplest solution is encrypting everything, but it limits the capabilities one can use in the cloud. Similarly, the number of keys determines the ease of manageability by the administrators of the key management system.

3. How should access to the data be controlled?

Only authorized users should be allowed access to the keys and hence decrypt cloud data. The authorization decision can be based on identity of the user, which is generally the case. However, the authentication could be based on a lot more than just “who you are.” It could be based on “where you are”, within the enterprise or not. It could be based on device, meaning “what you are using.” And it could even be based on the application and “how are you using data.”

Newer methods to look at implicit authentication of data such as access patterns can be used. Two-factor authentication comprising more than one of the above methods could be used in case of discrepancies.

The enterprise administrator needs to clearly understand the kind of data encrypted with particular keys, the users/devices/locations that are allowed to access the data, and then create policies to match such access patterns.

4. How should data integrity be verified?

As data resides in the cloud for long durations, durability of the data becomes increasingly critical. Various mechanisms verify the integrity of the data to attest if the data is retrievable.

Privately verifiable mechanisms allow for putting patterns in encrypted data. This pattern is then verified in the data periodically, but the complete data is never checked. This verification method of data integrity is efficient as we do not have to do a word-by-word read of the data.

A publicly verifiable method such keeping track of a secure hash of each block of data, and then verifying the same periodically is another option. If you use a publically verifiable method, we can use third-party tools to verify the data integrity. This method is not as efficient as the privately verifiable method, but more fail safe and secure.

No one solution fits all

As your enterprise looks at cloud encryption needs, you need to answer these four critical questions before deciding on the cloud encryption strategy. No one strategy works for two enterprises, as the level of security depends on the “acceptability of risk threshold.”

However answering the above questions may help you find the solution that best fits your enterprise needs.

One piece of a larger puzzle

Cloud encryption is an important aspect of maintaining security in the cloud, but it is just one of many security aspects that you should consider. Security risks come in all forms: from hack attacks to simple human error. To mitigate as many of these risks as possible, your enterprise must take a proactive stance toward security that stretches end-to-end across the enterprise.

HP’s point of view is that enterprises must protect what matters most—your data—by taking an integrated approach to enterprise security, one that starts with a single, comprehensive view of risk across the entire enterprise, including multiple locations, remote workers, devices, and of course, cloud services.

You can learn more about HP’s intelligent security approach, including recent announcements that support this comprehensive view by visiting HP Security and Risk Management.

I’d like to keep this discussion going. Please share additional thoughts or comments here. Or connect with John and me via Twitter: @jopirc and @vmanral.